docker/cli
1
0
Fork 0
mirror of https://github.com/docker/cli.git synced 2026-01-28 04:20:55 +03:00
Code Activity
Files
master
cli/cmd/docker-trust/docs/reference/trust_key_load.md
Sebastiaan van Stijn c9bb291154 implement docker trust as plugin 
move the `trust` subcommands to a plugin, so that the subcommands can
be installed separate from the `docker trust` integration in push/pull
(for situations where trust verification happens on the daemon side).

    make binary
    go build -o /usr/libexec/docker/cli-plugins/docker-trust ./cmd/docker-trust

    docker info
    Client:
     Version:    28.2.0-dev
     Context:    default
     Debug Mode: false
     Plugins:
      buildx: Docker Buildx (Docker Inc.)
        Version:  v0.24.0
        Path:     /usr/libexec/docker/cli-plugins/docker-buildx
      trust: Manage trust on Docker images (Docker Inc.)
        Version:  unknown-version
        Path:     /usr/libexec/docker/cli-plugins/docker-trust

    docker trust --help
    Usage:  docker trust [OPTIONS] COMMAND

    Extended build capabilities with BuildKit

    Options:
      -D, --debug   Enable debug logging

    Management Commands:
      key         Manage keys for signing Docker images
      signer      Manage entities who can sign Docker images

    Commands:
      inspect     Return low-level information about keys and signatures
      revoke      Remove trust for an image
      sign        Sign an image

    Run 'docker trust COMMAND --help' for more information on a command.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2025-11-06 15:24:46 +01:00

46 lines
1.1 KiB
Markdown
Raw Permalink Blame History

# trust key load
<!---MARKER_GEN_START-->
Load a private key file for signing
### Options
| Name | Type | Default | Description |
|:---------|:---------|:---------|:------------------------|
| `--name` | `string` | `signer` | Name for the loaded key |
<!---MARKER_GEN_END-->
## Description
`docker trust key load` adds private keys to the local Docker trust keystore.
To add a signer to a repository use `docker trust signer add`.
## Examples
### Load a single private key
For a private key `alice.pem` with permissions `-rw-------`
```console
$ docker trust key load alice.pem
Loading key from "alice.pem"...
Enter passphrase for new signer key with ID f8097df:
Repeat passphrase for new signer key with ID f8097df:
Successfully imported key from alice.pem
```
To specify a name use the `--name` flag:
```console
$ docker trust key load --name alice-key alice.pem
Loading key from "alice.pem"...
Enter passphrase for new alice-key key with ID f8097df:
Repeat passphrase for new alice-key key with ID f8097df:
Successfully imported key from alice.pem
```
View Git Blame Copy Permalink